src/fwd.c | 4 +++- src/ldap_driver.c | 7 ++++--- src/ldap_helper.c | 34 +++++++++++++++++++++------------- src/log.h | 9 +++++++++ src/metadb.c | 3 ++- src/settings.c | 12 ++++-------- src/syncrepl.c | 6 ++---- src/util.h | 7 +++++++ src/zone_register.h | 1 + 9 files changed, 53 insertions(+), 30 deletions(-) diff --git a/src/fwd.c b/src/fwd.c index 24f6e53..0a3c673 100644 --- a/src/fwd.c +++ b/src/fwd.c @@ -595,10 +595,12 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst, dns_result_totext(result)); /* Handle collisions with automatic empty zones. */ - if (isconfigured == true) + if (isconfigured == true) { + run_exclusive_enter(inst, &lock_state); CHECK(empty_zone_handle_conflicts(name, view->zonetable, (fwdpolicy == dns_fwdpolicy_first))); + } cleanup: run_exclusive_exit(inst, lock_state); diff --git a/src/ldap_driver.c b/src/ldap_driver.c index 7367493..e4aeeb2 100644 --- a/src/ldap_driver.c +++ b/src/ldap_driver.c @@ -465,13 +465,14 @@ findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, static isc_result_t allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, - isc_stdtime_t now, dns_rdatasetiter_t **iteratorp) + DNS_DB_ALLRDATASETS_OPTIONS(unsigned int options, isc_stdtime_t now), + dns_rdatasetiter_t **iteratorp) { ldapdb_t *ldapdb = (ldapdb_t *) db; REQUIRE(VALID_LDAPDB(ldapdb)); - return dns_db_allrdatasets(ldapdb->rbtdb, node, version, now, iteratorp); + return dns_db_allrdatasets(ldapdb->rbtdb, node, version, DNS_DB_ALLRDATASETS_OPTIONS(options, now), iteratorp); } /* TODO: Add 'tainted' flag to the LDAP instance if something went wrong. */ @@ -514,7 +515,7 @@ node_isempty(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, CHECK(ldapdb_name_fromnode(node, dns_fixedname_initname(&fname))); - result = dns_db_allrdatasets(db, node, version, now, &rds_iter); + result = dns_db_allrdatasets(db, node, version, DNS_DB_ALLRDATASETS_OPTIONS(0, now), &rds_iter); if (result == ISC_R_NOTFOUND) { *isempty = true; } else if (result == ISC_R_SUCCESS) { diff --git a/src/ldap_helper.c b/src/ldap_helper.c index 7ea3df9..4391e18 100644 --- a/src/ldap_helper.c +++ b/src/ldap_helper.c @@ -1317,8 +1317,7 @@ configure_zone_acl(isc_mem_t *mctx, dns_zone_t *zone, dns_zone_logc(zone, DNS_LOGCATEGORY_SECURITY, ISC_LOG_CRITICAL, "cannot configure restrictive %s policy: %s", type_txt, isc_result_totext(result2)); - FATAL_ERROR(__FILE__, __LINE__, - "insecure state detected"); + fatal_error("insecure state detected"); } } acl_setter(zone, acl); @@ -1365,8 +1364,7 @@ configure_zone_ssutable(dns_zone_t *zone, const char *update_str) dns_zone_logc(zone, DNS_LOGCATEGORY_SECURITY, ISC_LOG_CRITICAL, "cannot disable all updates: %s", isc_result_totext(result2)); - FATAL_ERROR(__FILE__, __LINE__, - "insecure state detected"); + fatal_error("insecure state detected"); } } @@ -2005,7 +2003,7 @@ zone_sync_apex(const ldap_instance_t * const inst, zone_settings, &rdatalist)); CHECK(dns_db_getoriginnode(rbtdb, &node)); - result = dns_db_allrdatasets(rbtdb, node, version, 0, + result = dns_db_allrdatasets(rbtdb, node, version, DNS_DB_ALLRDATASETS_OPTIONS(0, 0), &rbt_rds_iterator); if (result == ISC_R_SUCCESS) { CHECK(diff_ldap_rbtdb(inst->mctx, &name, &rdatalist, @@ -2951,8 +2949,7 @@ force_reconnect: ldap_inst); break; case AUTH_INVALID: - UNEXPECTED_ERROR(__FILE__, __LINE__, - "invalid auth_method_enum value %u", + unexpected_error("invalid auth_method_enum value %u", auth_method_enum); break; @@ -3782,8 +3779,7 @@ update_zone(isc_task_t *task, isc_event_t *event) else if (entry->class & LDAP_ENTRYCLASS_FORWARD) CHECK(ldap_parse_fwd_zoneentry(entry, inst)); else - FATAL_ERROR(__FILE__, __LINE__, - "update_zone: unexpected entry class"); + fatal_error("update_zone: unexpected entry class"); } cleanup: @@ -3929,7 +3925,7 @@ update_restart: CHECK(dns_db_newversion(ldapdb, &version)); CHECK(dns_db_findnode(rbtdb, &entry->fqdn, true, &node)); - result = dns_db_allrdatasets(rbtdb, node, version, 0, &rbt_rds_iterator); + result = dns_db_allrdatasets(rbtdb, node, version, DNS_DB_ALLRDATASETS_OPTIONS(0, 0), &rbt_rds_iterator); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) goto cleanup; @@ -4728,12 +4724,16 @@ cleanup: static isc_threadresult_t ldap_syncrepl_watcher(isc_threadarg_t arg) { + const uint32_t FIRST_RECON_RETRIES = 3; + const uint32_t FIRST_RECON_INTERVAL = 5; + bool first_time = true; ldap_instance_t *inst = (ldap_instance_t *)arg; ldap_connection_t *conn = NULL; int ret; isc_result_t result; sigset_t sigset; uint32_t reconnect_interval; + uint32_t remaining = FIRST_RECON_RETRIES; sync_state_t state; log_debug(1, "Entering ldap_syncrepl_watcher"); @@ -4799,9 +4799,16 @@ retry: /* Try to connect. */ while (conn->handle == NULL) { CHECK_EXIT; - CHECK(setting_get_uint("reconnect_interval", - inst->server_ldap_settings, - &reconnect_interval)); + if (first_time == true && remaining > 0) { + remaining--; + reconnect_interval = FIRST_RECON_INTERVAL; + log_error("ldap_syncrepl will reconnect due to" + " starting problems"); + } else { + CHECK(setting_get_uint("reconnect_interval", + inst->server_ldap_settings, + &reconnect_interval)); + } log_error("ldap_syncrepl will reconnect in %d second%s", reconnect_interval, @@ -4811,6 +4818,7 @@ retry: handle_connection_error(inst, conn, true); } + first_time = false; } cleanup: diff --git a/src/log.h b/src/log.h index da71f8b..844ac46 100644 --- a/src/log.h +++ b/src/log.h @@ -17,8 +17,17 @@ #define GET_LOG_LEVEL(level) (level) #endif +#if LIBDNS_VERSION_MAJOR >= 1809 +#define fatal_error(...) \ + isc_error_fatal(__FILE__, __LINE__, __func__, __VA_ARGS__) +#define unexpected_error(...) \ + isc_error_unexpected(__FILE__, __LINE__, __func__, __VA_ARGS__) +#else #define fatal_error(...) \ isc_error_fatal(__FILE__, __LINE__, __VA_ARGS__) +#define unexpected_error(...) \ + isc_error_unexpected(__FILE__, __LINE__, __VA_ARGS__) +#endif #define log_bug(fmt, ...) \ log_error("bug in %s(): " fmt, __func__,##__VA_ARGS__) diff --git a/src/metadb.c b/src/metadb.c index f469a30..276de24 100644 --- a/src/metadb.c +++ b/src/metadb.c @@ -217,7 +217,8 @@ metadb_node_delete(metadb_node_t **nodep) { node = *nodep; dns_rdataset_init(&rdataset); - CHECK(dns_db_allrdatasets(node->rbtdb, node->dbnode, node->version, 0, + CHECK(dns_db_allrdatasets(node->rbtdb, node->dbnode, node->version, + DNS_DB_ALLRDATASETS_OPTIONS(0, 0), &iter)); for (result = dns_rdatasetiter_first(iter); diff --git a/src/settings.c b/src/settings.c index def60d7..2a0bb19 100644 --- a/src/settings.c +++ b/src/settings.c @@ -178,8 +178,7 @@ setting_get(const char *const name, const setting_type_t type, *(bool *)target = setting->value.value_boolean; break; default: - UNEXPECTED_ERROR(__FILE__, __LINE__, - "invalid setting_type_t value %u", type); + unexpected_error("invalid setting_type_t value %u", type); break; } @@ -278,8 +277,7 @@ set_value(isc_mem_t *mctx, const settings_set_t *set, setting_t *setting, CLEANUP_WITH(ISC_R_IGNORE); break; default: - UNEXPECTED_ERROR(__FILE__, __LINE__, - "invalid setting_type_t value %u", setting->type); + unexpected_error("invalid setting_type_t value %u", setting->type); break; } @@ -304,8 +302,7 @@ set_value(isc_mem_t *mctx, const settings_set_t *set, setting_t *setting, setting->value.value_boolean = numeric_value; break; default: - UNEXPECTED_ERROR(__FILE__, __LINE__, - "invalid setting_type_t value %u", setting->type); + unexpected_error("invalid setting_type_t value %u", setting->type); break; } setting->filled = 1; @@ -389,8 +386,7 @@ setting_unset(const char *const name, const settings_set_t *set) case ST_BOOLEAN: break; default: - UNEXPECTED_ERROR(__FILE__, __LINE__, - "invalid setting_type_t value %u", setting->type); + unexpected_error("invalid setting_type_t value %u", setting->type); break; } setting->filled = 0; diff --git a/src/syncrepl.c b/src/syncrepl.c index 0bee09a..f94379c 100644 --- a/src/syncrepl.c +++ b/src/syncrepl.c @@ -148,8 +148,7 @@ finish(isc_task_t *task, isc_event_t *event) { case sync_datainit: case sync_finished: default: - FATAL_ERROR(__FILE__, __LINE__, - "sync_barrier_wait(): invalid state " + fatal_error("sync_barrier_wait(): invalid state " "%u", bev->sctx->state); } sync_state_change(bev->sctx, new_state, false); @@ -518,8 +517,7 @@ sync_barrier_wait(sync_ctx_t *sctx, ldap_instance_t *inst) { case sync_databarrier: case sync_finished: default: - FATAL_ERROR(__FILE__, __LINE__, - "sync_barrier_wait(): invalid state " + fatal_error("sync_barrier_wait(): invalid state " "%u", sctx->state); } diff --git a/src/util.h b/src/util.h index 5088ff3..5da0f5c 100644 --- a/src/util.h +++ b/src/util.h @@ -13,6 +13,7 @@ #include #include #include +#include #include "log.h" #include "dyndb-config.h" @@ -29,6 +30,12 @@ extern bool verbose_checks; /* from settings.c */ #define dns_name_copynf(src, dst) dns_name_copy((src), (dst)) #endif +#ifdef DNS_DB_STALEOK +#define DNS_DB_ALLRDATASETS_OPTIONS(options, tstamp) options, tstamp +#else +#define DNS_DB_ALLRDATASETS_OPTIONS(options, tstamp) tstamp +#endif + #define CLEANUP_WITH(result_code) \ do { \ result = (result_code); \ diff --git a/src/zone_register.h b/src/zone_register.h index 9d13bb6..2b6ab51 100644 --- a/src/zone_register.h +++ b/src/zone_register.h @@ -5,6 +5,7 @@ #ifndef _LD_ZONE_REGISTER_H_ #define _LD_ZONE_REGISTER_H_ +#include #include #include "settings.h"